3.17.1

fix(PortProxy): Fix handling of SNI re-negotiation in PortProxy
2025-02-27 20:10:26 +00:00 · 2025-02-27 20:10:26 +00:00
4 changed files with 8 additions and 15 deletions
--- a/changelog.md
+++ b/changelog.md
@ -1,5 +1,11 @@
 # Changelog

+## 2025-02-27 - 3.17.1 - fix(PortProxy)
+Fix handling of SNI re-negotiation in PortProxy
+
+- Removed connection locking to the initially negotiated SNI
+- Improved handling of SNI during renegotiation in PortProxy
+
 ## 2025-02-27 - 3.17.0 - feat(smartproxy)
 Enhance description clarity and improve SNI handling with domain locking.

--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "@push.rocks/smartproxy",
-  "version": "3.17.0",
+  "version": "3.17.1",
  "private": false,
  "description": "A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, and dynamic routing with authentication options.",
  "main": "dist_ts/index.js",
--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@push.rocks/smartproxy',
-  version: '3.17.0',
+  version: '3.17.1',
  description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, and dynamic routing with authentication options.'
 }
--- a/ts/classes.portproxy.ts
+++ b/ts/classes.portproxy.ts
@ -90,7 +90,6 @@ interface IConnectionRecord {
  outgoing: plugins.net.Socket | null;
  incomingStartTime: number;
  outgoingStartTime?: number;
-  lockedDomain?: string; // New field to lock this connection to the initial SNI
  connectionClosed: boolean;
  cleanupTimer?: NodeJS.Timeout; // Timer to force cleanup after max lifetime/inactivity
 }
@ -367,19 +366,7 @@ export class PortProxy {
          socket.setTimeout(0);
          initialDataReceived = true;
          const serverName = extractSNI(chunk) || '';
-          // Lock the connection to the negotiated SNI.
-          connectionRecord.lockedDomain = serverName;
          console.log(`Received connection from ${remoteIP} with SNI: ${serverName}`);
-          // Add an extra data listener to check for a renegotiated ClientHello.
-          socket.on('data', (chunk: Buffer) => {
-            if (chunk.length > 0 && chunk.readUInt8(0) === 22) {
-              const newSNI = extractSNI(chunk);
-              if (newSNI && newSNI !== connectionRecord.lockedDomain) {
-                console.log(`Rehandshake detected with different SNI: ${newSNI} vs locked ${connectionRecord.lockedDomain}. Terminating connection.`);
-                cleanupOnce();
-              }
-            }
-          });
          setupConnection(serverName, chunk);
        });
      } else {
Author	SHA1	Message	Date
Philipp Kunz	0ddf68a919	3.17.1	2025-02-27 20:10:26 +00:00
Philipp Kunz	ec08ca51f5	fix(PortProxy): Fix handling of SNI re-negotiation in PortProxy	2025-02-27 20:10:26 +00:00